Role - tripleo-kernel

Role Documentation

Welcome to the “tripleo_kernel” role documentation.

Role Defaults

This section highlights all of the defaults and variables set within the “tripleo_kernel” role.

# All variables intended for modification should be placed in this file.
tripleo_kernel_extra_modules: {}
tripleo_kernel_extra_packages: {}
tripleo_kernel_sysctl_extra_settings: {}
tripleo_kernel_args: ''
tripleo_kernel_reboot_timeout: 3600
tripleo_kernel_post_reboot_delay: 60
tripleo_kernel_defer_reboot: false
tripleo_kernel_reboot_protection: false

Role Variables: main.yml

tripleo_kernel_modules:
  br_netfilter: {}
  nf_conntrack: {}

tripleo_kernel_sysctl_settings:
  net.ipv4.tcp_keepalive_intvl:
    value: 1
  net.ipv4.tcp_keepalive_probes:
    value: 5
  net.ipv4.tcp_keepalive_time:
    value: 5
  net.ipv4.conf.default.send_redirects:
    value: 0
  net.ipv4.conf.all.send_redirects:
    value: 0
  net.ipv4.conf.all.arp_accept:
    value: 1
  net.ipv4.conf.default.accept_redirects:
    value: 0
  net.ipv4.conf.default.secure_redirects:
    value: 0
  net.ipv4.conf.all.secure_redirects:
    value: 0
  net.ipv4.conf.default.log_martians:
    value: 1
  net.ipv4.conf.all.log_martians:
    value: 1
  net.nf_conntrack_max:
    value: 500000
  net.netfilter.nf_conntrack_max:
    value: 500000
  net.ipv6.conf.all.accept_ra:
    value: 0
  net.ipv6.conf.default.accept_ra:
    value: 0
  net.ipv6.conf.all.autoconf:
    value: 0
  net.ipv6.conf.default.autoconf:
    value: 0
  net.ipv6.conf.default.accept_redirects:
    value: 0
  net.ipv6.conf.all.accept_redirects:
    value: 0
  net.ipv4.conf.all.arp_notify:
    value: 1
  net.ipv6.conf.all.ndisc_notify:
    value: 1
  net.core.netdev_max_backlog:
    value: 10000
  kernel.dmesg_restrict:
    value: 1
  fs.suid_dumpable:
    value: 0

Molecule Scenarios

Molecule is being used to test the “tripleo_kernel” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.

Scenario: kernelargs-update

Driver: delegated

Molecule Options

managed: false
login_cmd_template: >-
  ssh
  -o UserKnownHostsFile=/dev/null
  -o StrictHostKeyChecking=no
  -o Compression=no
  -o TCPKeepAlive=yes
  -o VerifyHostKeyDNS=no
  -o ForwardX11=no
  -o ForwardAgent=no
  {instance}
ansible_connection_options:
  ansible_connection: ssh

Molecule Inventory

hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost

Example kernelargs-update playbook

- name: Converge
  hosts: all
  become: true
  vars:
    tripleo_kernel_args: test=1
  tasks:
  - name: create kernelargs entry with the older name
    lineinfile:
      dest: /etc/default/grub
      regexp: ^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*
      insertafter: ^GRUB_CMDLINE_LINUX.*
      line: TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS=" {{ tripleo_kernel_args }} "
  - name: create append entry with older name
    lineinfile:
      dest: /etc/default/grub
      line: GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX:+$GRUB_CMDLINE_LINUX }${TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS}"
      insertafter: ^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*
  - include_role:
      name: tripleo_kernel
      tasks_from: kernelargs.yml
    vars:
      tripleo_kernel_defer_reboot: true

Scenario: extra

Driver: delegated

Molecule Options

managed: false
login_cmd_template: >-
  ssh
  -o UserKnownHostsFile=/dev/null
  -o StrictHostKeyChecking=no
  -o Compression=no
  -o TCPKeepAlive=yes
  -o VerifyHostKeyDNS=no
  -o ForwardX11=no
  -o ForwardAgent=no
  {instance}
ansible_connection_options:
  ansible_connection: ssh

Molecule Inventory

hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost

Example extra playbook

- name: Converge
  hosts: all
  roles:
  - role: tripleo_kernel
    tripleo_kernel_extra_modules:
      dummy: {}
    tripleo_kernel_extra_packages:
      kmod-kvdo: {}
    tripleo_kernel_sysctl_extra_settings:
      kernel.ftrace_dump_on_oops:
        value: 1

Scenario: default

Driver: delegated

Molecule Options

managed: false
login_cmd_template: >-
  ssh
  -o UserKnownHostsFile=/dev/null
  -o StrictHostKeyChecking=no
  -o Compression=no
  -o TCPKeepAlive=yes
  -o VerifyHostKeyDNS=no
  -o ForwardX11=no
  -o ForwardAgent=no
  {instance}
ansible_connection_options:
  ansible_connection: ssh

Molecule Inventory

hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost

Example default playbook

- name: Converge
  hosts: all
  roles:
  - role: tripleo_kernel

Scenario: kernelargs

Driver: delegated

Molecule Options

managed: false
login_cmd_template: >-
  ssh
  -o UserKnownHostsFile=/dev/null
  -o StrictHostKeyChecking=no
  -o Compression=no
  -o TCPKeepAlive=yes
  -o VerifyHostKeyDNS=no
  -o ForwardX11=no
  -o ForwardAgent=no
  {instance}
ansible_connection_options:
  ansible_connection: ssh

Molecule Inventory

hosts:
  all:
    hosts:
      instance:
        ansible_host: localhost

Example kernelargs playbook

- name: Converge
  hosts: all
  become: true
  tasks:
  - include_role:
      name: tripleo_kernel
      tasks_from: kernelargs.yml
    vars:
      tripleo_kernel_args: test=1
      tripleo_kernel_defer_reboot: true